
decision

Enums

  • Decision - Outcome of policy evaluation.
  • DenyReason - Typed reason code explaining why a request was denied.

Enum Decision

Outcome of policy evaluation.

Every enforcement decision in Firma maps to one of these three variants.

Variants:

  • Allow - Request passes all checks. Proceed with execution.
  • Deny { reason: DenyReason } - Request denied. Return error to agent with reason code.
  • Abort { reason: String } - Critical failure. Kill the session/execution immediately.

Traits: Eq

Trait Implementations:

  • Deserialize
    • fn deserialize<__D>(__deserializer: __D) -> _serde::__private228::Result<Self, <__D as >::Error>
  • Clone
    • fn clone(self: &Self) -> Decision
  • PartialEq
    • fn eq(self: &Self, other: &Decision) -> bool
  • Serialize
    • fn serialize<__S>(self: &Self, __serializer: __S) -> _serde::__private228::Result<<__S as >::Ok, <__S as >::Error>
  • Debug
    • fn fmt(self: &Self, f: &mut $crate::fmt::Formatter) -> $crate::fmt::Result

Enum DenyReason

Typed reason code explaining why a request was denied.

Deferred variants (add back when corresponding mechanisms exist):

  • BudgetExceeded — when budget tracking mechanism is designed
  • RiskThreshold — when anomaly detection is designed

Variants:

  • TokenInvalid - Signature check failed or unrecognized token format.
  • TokenExpired - Token TTL has elapsed.
  • TokenRevoked - Token has been explicitly revoked.
  • PolicyDenied - Cedar policy evaluation returned deny.
  • ScopeViolation - Action or resource outside the token’s granted scope.
  • ToolNotInScope - Specific tool not in the token’s allowed set.
  • MalformedRequest - Execution envelope failed validation.
  • AuthorityUnavailable - Cannot reach Authority for token validation.
  • PolicyBundleStale - Policy bundle TTL exceeded, no fresh bundle available.
  • PolicyBundleNotReady - Initial policy bundle has not been applied yet.
  • RevocationCacheNotReady - Initial revocation state has not been applied yet.
  • FailClosed - Fail-closed safety boundary triggered due to missing/invalid enforcement prerequisites.
  • EnforcementTimeout - Enforcement evaluation exceeded configured timeout budget.
  • CredentialInjectionFailed - Sidecar failed to inject credentials for Stage 3.
  • ConnectorTimeout - Outbound connector timed out.
  • ConnectorNetworkError - Outbound connector failed at the transport layer (DNS, TCP,
  • ConnectorInvalidRequest - Outbound connector could not translate the envelope into a
  • UnclassifiedIntent - Protected action could not be mapped to any canonical action class.

Traits: Error, Eq, Copy

Trait Implementations:

  • Deserialize
    • fn deserialize<__D>(__deserializer: __D) -> _serde::__private228::Result<Self, <__D as >::Error>
  • Debug
    • fn fmt(self: &Self, f: &mut $crate::fmt::Formatter) -> $crate::fmt::Result
  • Display
    • fn fmt(self: &Self, __formatter: &mut ::core::fmt::Formatter) -> ::core::fmt::Result
  • PartialEq
    • fn eq(self: &Self, other: &DenyReason) -> bool
  • Serialize
    • fn serialize<__S>(self: &Self, __serializer: __S) -> _serde::__private228::Result<<__S as >::Ok, <__S as >::Error>
  • Clone
    • fn clone(self: &Self) -> DenyReason
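
The following is an added example, not code from Firma: it shows how a caller can produce and consume a Decision so that missing enforcement prerequisites always yield a Deny and each variant maps to exactly one action. The enums are local mirrors of the documented variants (DenyReason is a subset); Enforcer, Token, Action, dispatch and the order of checks are assumptions made for illustration.

```rust
// Added example, not Firma source. Enums mirror the documented variants;
// Enforcer, Token, Action, dispatch and the check order are assumptions.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum DenyReason {
    TokenExpired, TokenRevoked, ToolNotInScope,
    PolicyBundleNotReady, RevocationCacheNotReady,
}
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum Decision { Allow, Deny { reason: DenyReason }, Abort { reason: String } }

/// Hypothetical enforcement state; `revoked: None` means no revocation state applied yet.
pub struct Enforcer { pub bundle_ready: bool, pub revoked: Option<Vec<String>>, pub now: u64 }
/// Hypothetical view of a token whose signature has already been verified.
pub struct Token<'a> { pub id: &'a str, pub expires_at: u64, pub tools: &'a [&'a str] }

impl Enforcer {
    pub fn evaluate(&self, tok: &Token<'_>, tool: &str) -> Decision {
        let deny = |reason| Decision::Deny { reason };
        // Prerequisites first, so missing state can never fall through to Allow.
        if !self.bundle_ready { return deny(DenyReason::PolicyBundleNotReady); }
        let Some(revoked) = &self.revoked else { return deny(DenyReason::RevocationCacheNotReady); };
        if tok.expires_at <= self.now { return deny(DenyReason::TokenExpired); }
        if revoked.iter().any(|r| r.as_str() == tok.id) { return deny(DenyReason::TokenRevoked); }
        if !tok.tools.contains(&tool) { return deny(DenyReason::ToolNotInScope); }
        Decision::Allow
    }
}

/// What the caller does next for each Decision variant.
#[derive(Debug, PartialEq, Eq)]
pub enum Action { Execute, ErrorToAgent(DenyReason), KillSession }

pub fn dispatch(d: &Decision) -> Action {
    match d { // no wildcard arm: a newly added variant becomes a compile error here
        Decision::Allow => Action::Execute,
        Decision::Deny { reason } => Action::ErrorToAgent(*reason),
        Decision::Abort { .. } => Action::KillSession,
    }
}

fn main() {
    let e = Enforcer { bundle_ready: true, revoked: None, now: 0 };
    let tok = Token { id: "tok-1", expires_at: 60, tools: &["search"] }; // constructed sample
    println!("{:?}", dispatch(&e.evaluate(&tok, "search")));
}
```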